Checks if the input can be handled by this class. If it cannot handle the input, rejects with an error explaining why.
Input that could potentially be handled.
A promise resolving if the input can be handled, rejecting with an Error if not.
Creates an Authorization object based on the quads found in the ACL.
Credentials to check permissions for.
Store containing all relevant authorization triples.
If the target resource is an acl document.
Determines the available permissions for the given credentials. Will deny all permissions if credentials are not defined
Store containing all relevant authorization triples.
Credentials to find the permissions for.
Finds all triples in the data stream of the given representation that use the given predicate and object. Then extracts the unique subjects from those triples, and returns a Store containing all triples from the data stream that have such a subject.
This can be useful for finding the acl:Authorization
objects corresponding to a specific URI
and returning all relevant information on them.
Representation with data stream of internal/quads.
Predicate to match.
Object to match.
A store containing the relevant triples.
Returns the ACL triples that are relevant for the given identifier. These can either be from a corresponding ACL document or an ACL document higher up with defaults. Rethrows any non-NotFoundHttpErrors thrown by the ResourceStore.
ResourceIdentifier of which we need the ACL triples.
Only used internally for recursion.
A store containing the relevant ACL triples.
Checks if an agent is allowed to execute the requested actions. Will throw an error if this is not the case.
Input data that will be handled if it can be handled.
A promise resolving if the input can be handled, rejecting with an Error if not.
Sets the correct values for non-acl permissions such as create and delete. Also adds the correct values to indicate that having control permission implies having read/write/etc. on the acl resource.
The main reason for keeping the control value is so we can correctly set the WAC-Allow header later.
Handles permissions according to the WAC specification. Specific access checks are done by the provided AccessChecker.